Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
File:                     oUIVlcmI-yZTZeucofo_F_xXB28.mft (raw, json)
Hash identifier:          8sAksDaJvvbWZzLyYwrTktE5V4W+omZAaTlEToFGofQ=
Subject key identifier:   90:1D:BC:B5:00:0E:08:87:72:0B:99:27:0C:5F:A3:B0:B7:62:53:47
Authority key identifier: A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F
Certificate issuer:       /CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
Certificate serial:       019DA3781C5AE3EEA554CF1A75A950123BD2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
Manifest number:          18C4
Signing time:             Sun 19 Apr 2026 02:00:50 +0000
Manifest this update:     Sun 19 Apr 2026 02:00:50 +0000
Manifest next update:     Mon 20 Apr 2026 02:00:50 +0000
Files and hashes:         1: oUIVlcmI-yZTZeucofo_F_xXB28.crl (hash: MOOuojIsiS7stsK2WE+tuor8nxVoiUAaaW7yG1dbG6k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:78:1c:5a:e3:ee:a5:54:cf:1a:75:a9:50:12:3b:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
        Validity
            Not Before: Apr 19 02:00:50 2026 GMT
            Not After : Apr 20 02:00:50 2026 GMT
        Subject: CN=901dbcb5000e0887720b99270c5fa3b0b7625347
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:4f:85:5f:86:7b:b7:35:2e:5f:14:fa:78:4a:
                    ee:47:12:39:11:e0:96:8b:2b:49:ce:8f:0d:18:05:
                    59:85:7d:f1:4a:a1:49:fc:48:39:f9:60:c8:94:b0:
                    bf:fa:17:ea:1c:1a:00:6d:e3:18:3d:b0:14:9e:3a:
                    a0:25:22:d2:e6:8f:2c:b1:24:34:c1:b3:94:5b:d1:
                    dd:58:1d:78:fd:f4:d1:9f:97:20:66:88:69:e7:3f:
                    65:0f:9f:72:41:05:6f:ed:4d:ce:69:ff:f1:38:8b:
                    c5:f7:1e:a2:80:e3:dd:f8:41:96:42:bd:10:e0:65:
                    3d:26:20:85:46:74:a9:0a:08:42:55:62:d4:53:87:
                    d3:98:7c:aa:69:79:15:45:fa:44:87:e6:ce:2a:13:
                    6b:5d:43:7c:cb:c6:97:d3:0e:02:84:2d:60:6e:65:
                    8f:22:6c:de:fe:8f:05:4c:e1:f7:ec:62:dc:70:ff:
                    39:7a:9a:dd:99:2c:a0:9d:55:ce:c3:c6:f4:1a:85:
                    e3:8c:f0:02:8f:8a:67:5a:ee:f1:65:13:fa:f9:21:
                    b7:10:fa:6d:91:43:ee:00:06:d8:a8:2f:5d:2f:cc:
                    48:c6:41:41:80:fe:96:a2:83:2f:1e:64:7c:5f:95:
                    f2:7f:d5:5d:25:43:05:51:87:d3:4f:de:39:c0:dc:
                    03:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:1D:BC:B5:00:0E:08:87:72:0B:99:27:0C:5F:A3:B0:B7:62:53:47
            X509v3 Authority Key Identifier:
                keyid:A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:62:51:f8:df:86:cc:a4:e4:f4:d0:64:0b:16:9d:5b:21:e1:
         da:0e:3b:45:88:70:72:d2:6f:75:02:23:7d:22:a6:87:30:37:
         39:82:f7:4f:8d:29:d0:12:6d:94:76:0b:d3:e6:fa:51:db:61:
         2c:90:f8:a5:c5:b6:6e:e3:3f:07:af:9d:c4:d7:a9:cc:bd:ad:
         79:d6:b6:a3:58:45:56:95:db:bf:30:4b:b6:4e:3e:3e:55:06:
         dd:de:d9:73:99:24:4a:fd:4f:90:f1:81:84:91:46:57:3b:58:
         7b:e5:22:ed:ba:e0:d6:67:da:97:f4:a8:b9:9f:d7:04:ae:7d:
         99:e9:2a:21:60:7a:20:15:8e:1a:aa:a1:02:e9:82:0d:06:99:
         8a:a0:2d:96:4e:81:41:26:ba:ad:aa:77:86:67:7a:05:b8:c3:
         6f:9d:ef:94:36:0e:58:3c:79:44:36:37:57:33:2a:8b:16:fa:
         f2:b6:4a:b3:57:62:88:60:de:19:d7:7d:97:e7:a7:73:a0:7e:
         50:20:a9:2e:64:d1:8a:c5:b7:47:93:c7:22:4c:d2:2f:40:92:
         77:b8:07:c5:c9:d3:54:c4:e3:28:88:bc:79:31:64:4d:0e:78:
         f9:3d:f8:84:35:75:05:96:fb:76:1d:3a:a8:86:ea:c5:44:03:
         d1:9e:71:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jeBxa4+6lVM8adalQEjvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDIxNTk1Yzk4OGZiMjY1MzY1ZWI5Y2ExZmEzZjE3ZmM1
NzA3NmYwHhcNMjYwNDE5MDIwMDUwWhcNMjYwNDIwMDIwMDUwWjAzMTEwLwYDVQQD
Eyg5MDFkYmNiNTAwMGUwODg3NzIwYjk5MjcwYzVmYTNiMGI3NjI1MzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU+FX4Z7tzUuXxT6eEruRxI5EeCW
iytJzo8NGAVZhX3xSqFJ/Eg5+WDIlLC/+hfqHBoAbeMYPbAUnjqgJSLS5o8ssSQ0
wbOUW9HdWB14/fTRn5cgZohp5z9lD59yQQVv7U3Oaf/xOIvF9x6igOPd+EGWQr0Q
4GU9JiCFRnSpCghCVWLUU4fTmHyqaXkVRfpEh+bOKhNrXUN8y8aX0w4ChC1gbmWP
Imze/o8FTOH37GLccP85eprdmSygnVXOw8b0GoXjjPACj4pnWu7xZRP6+SG3EPpt
kUPuAAbYqC9dL8xIxkFBgP6WooMvHmR8X5Xyf9VdJUMFUYfTT945wNwDIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJAdvLUADgiHcguZJwxfo7C3YlNHMB8GA1UdIwQY
MBaAFKFCFZXJiPsmU2XrnKH6Pxf8VwdvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEt
YmFlZjRlYmY2OGRhLzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEtYmFlZjRlYmY2OGRh
LzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK2JR+N+G
zKTk9NBkCxadWyHh2g47RYhwctJvdQIjfSKmhzA3OYL3T40p0BJtlHYL0+b6Udth
LJD4pcW2buM/B6+dxNepzL2teda2o1hFVpXbvzBLtk4+PlUG3d7Zc5kkSv1PkPGB
hJFGVztYe+Ui7brg1mfal/SouZ/XBK59mekqIWB6IBWOGqqhAumCDQaZiqAtlk6B
QSa6rap3hmd6BbjDb53vlDYOWDx5RDY3VzMqixb68rZKs1diiGDeGdd9l+enc6B+
UCCpLmTRisW3R5PHIkzSL0CSd7gHxcnTVMTjKIi8eTFkTQ54+T34hDV1BZb7dh06
qIbqxUQD0Z5xEw==
-----END CERTIFICATE-----